THREATOPS
THREAT OPSThreat News › CVE-2026-58319: Apache Doris: Improper Authentication in Frontend HTTP API

CVE-2026-58319: Apache Doris: Improper Authentication in Frontend HTTP API

medoss_secPublished 2026-07-14

<p>Posted by Mingyu Chen on Jul 13</p>Severity: critical <br /> <br /> Affected versions:<br /> <br /> - Apache Doris 2.1.0 before 3.1.0<br /> <br /> Description:<br /> <br /> Certain Apache Doris FE HTTP REST administrative APIs were accessible without proper authentication. An unauthenticated <br /> attacker with network access to the FE HTTP service could perform unauthorized administrative ope

Indicators of compromise

Original source: https://seclists.org/oss-sec/2026/q3/133